Cyber-attacks: Anatomy of a hack on a utility

In a recent report, the California Public Utilities Commission described how a "cascade of cybersecurity events" might cause havoc at an electric utility:

The first phase is a "man-in-the-middle exploit," where hackers intercept and change utility communications. Entering the system through unsecured "data ports" left open during system maintenance, the hackers insert erroneous data that disrupts the generation and transmission of electricity, and triggers a regional blackout.

Next comes a "denial-of-service attack," where the hackers flood the utility with email, "causing impairment of communications at all levels" and hindering the utility's ability to respond to the attack.

In the final phase, further problems are caused when substations are attacked through a "back door" -- holes that hackers install or that programmers sometimes leave so the system can be easily modified later. By reprogramming a computerized device in the substations, the hackers cause "the automated control and monitoring functions to malfunction and damage equipment."